<?php 	
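require_once('login.php');

// Admin-only endpoint for the Categorie table: removes, reorders (up/down) or
// renames a category according to the POSTed "action", then prints "1" followed
// by the comma-separated category names in display order.
//
// NOTE(review): every query below is built by string interpolation. The legacy
// mysql_* extension used here has no prepared statements, so the safety of the
// quoted '$cat' / '$n' / '$nN' values rests entirely on cleanSimpleString(),
// which is not defined in this file - confirm it escapes or strips quotes and
// backslashes. Moving to mysqli or PDO would allow bound parameters.
// NOTE(review): no anti-CSRF token is checked in this file; unless login.php
// does it, these state-changing requests are authorised by the session alone.

// Strict comparison on purpose: with a loose `==`, a non-string session value
// such as integer 0 compares equal to 'admin' on PHP versions before 8.
if (isset($_SESSION['Status']) && $_SESSION['Status'] === 'admin') {
	// Missing fields are passed on as null (what the original code did implicitly)
	// so the helpers see the same input, minus the undefined-index notice.
	$action = cleanSimpleString(isset($_POST['action']) ? $_POST['action'] : null);
	$cat = cleanSimpleString(isset($_POST['cat']) ? $_POST['cat'] : null);

	if ($action === 'remove') {
		// Look up the position of the category so the rows after it can be shifted.
		$qry = "SELECT Ordine FROM Categorie WHERE Nome = '$cat'";
		$check = mysql_query($qry) or $db = 0;
		$array = $check ? mysql_fetch_assoc($check) : false;

		// Only delete when the category was actually found; otherwise the
		// renumbering query would be built with an empty position.
		if ($array) {
			// Value comes from the database, but it is still forced to an integer
			// before being placed in a numeric SQL context.
			$o = (int) $array['Ordine'];
			$qry = "DELETE FROM Categorie WHERE Nome='$cat'";
			$check = mysql_query($qry) or $db = 0;
			$qry = "UPDATE Categorie SET ORDINE= ORDINE -1 WHERE ORDINE>$o";
			$check = mysql_query($qry) or $db = 0;
		}
	} elseif ($action === 'up' || $action === 'down') {
		// The integer cast keeps the unquoted numeric contexts below safe no
		// matter what cleanNumber() lets through.
		$o = (int) cleanNumber(isset($_POST['o']) ? $_POST['o'] : null);
		$newO = ($action === 'up') ? $o - 1 : $o + 1;

		// Validate the client-supplied position against the table: the category
		// must really sit at $o and some row must occupy $newO, otherwise the
		// swap would leave gaps or duplicate positions.
		$qry = "SELECT Ordine FROM Categorie WHERE Nome = '$cat'";
		$check = mysql_query($qry) or $db = 0;
		$current = $check ? mysql_fetch_assoc($check) : false;

		$qry = "SELECT Nome FROM Categorie WHERE Ordine = $newO";
		$check = mysql_query($qry) or $db = 0;
		$neighbour = $check ? mysql_fetch_assoc($check) : false;

		if ($current && $neighbour && (int) $current['Ordine'] === $o) {
			// Move the neighbour into the old slot first, then the category into
			// the neighbour's slot.
			$qry = "UPDATE Categorie SET Ordine=$o WHERE Ordine=$newO";
			$check = mysql_query($qry) or $db = 0;
			$qry = "UPDATE Categorie SET Ordine=$newO WHERE Nome='$cat'";
			$check = mysql_query($qry) or $db = 0;
		}
	} elseif ($action === 'modify') {
		// The original condition was an assignment ($action='modify'), which is
		// always true, so any unrecognised or missing action ran this rename.
		$n = cleanSimpleString(isset($_POST['cat']) ? $_POST['cat'] : null);
		$nN = cleanSimpleString(isset($_POST['newCat']) ? $_POST['newCat'] : null);

		// Skip the rename when the new name is empty: the name is used as the
		// lookup key by the other actions in this file.
		if ((string) $nN !== '') {
			$qry = "UPDATE Categorie Set Nome='$nN' WHERE Nome='$n'";
			$check = mysql_query($qry) or $db = 0;
		}
	}

	// Always answer with the current list, whichever action ran.
	$qry = "SELECT Nome FROM Categorie Order By Ordine";
	$check = mysql_query($qry) or $db = 0;
	$msg = "1";

	// A failed query yields no result set; skip the loop instead of fetching from false.
	if ($check) {
		while ($array = mysql_fetch_assoc($check)) {
			// NOTE(review): names are emitted without output encoding and use ","
			// as the delimiter; if the caller inserts them into HTML, safety
			// depends on what cleanSimpleString() allowed at write time - confirm.
			$msg .= "," . $array['Nome'];
		}
	}
	echo $msg;
}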


    ?>
